| Author | Messages | |
danholme
Posts:139
 | | 03/25/2008 9:49 PM |
| Yes, linking users to their managed groups/service accounts would be an
obvious extension... you'll be able to take what's in the resource kit
and make that happen. If not, LMK and I'll do what I can to help-that
would be a nice solution to develop for the 2nd edition!!
Multiforest, since you have separate instances, you'd be out of luck,
unless you create a new object class that stores the computer
information of the remote forest (but not as a security principal,
maybe, just as a bunch of attributes).
Dan
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jef Kazimer
Sent: Tuesday, March 25, 2008 3:38 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Microsoft Blogs: Domain Controller roles?
Dan,
You have peeked my interest with your associating users with Computers
sample, as I was just thinking about going down that route. I also would
like to do the same for users and their managed groups and service
accounts in a similar way.
I am curious about a way this could work using references and backlinks,
and wonder how a multi-forest environment will impede this.
I'll be ordering the book on Amazon tomo though.
Thanks,
Jef
From: Dan Holme <mailto:dan.holme@intelliem.com>
Sent: Tuesday, March 25, 2008 8:27 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Microsoft Blogs: Domain Controller roles?
I detail these in the 70-640: CONFIGURING ACTIVE DIRECTORY training kit
from MS Press, due out in 2 months (I think-I just turned in my last
page review, so it's SOON).
FSMO & Schema changes haven't really changed at all with 2008, so any
good 2003 book will fill you in. The only difference that comes to mind
is that DCPROMO is better at helping you demote a DC and move a fsmo
role off of it... but that's a small thing. Otherwise, FSMOs are FSMOs
and schema is schema.
One thing that IS new (not 2008 new, but "news" not known by many it
pros) is how easy it has become to change the schema. Even generating
an OID for the schema mod is easy now. [insert fear-of-god caveats
here] Check out my new "solutions kit" (Windows Server Administration
Kit: Productivity Solutions for IT Professionals,
http://share.intelliem.com/cs/r.ashx?2) . I have an example in the book
that creates a set of schema mods that allow you to associate users and
their computers (who has what computers, fully back-linked). The
concepts and tools in that solution are illuminating.
HTH
Dan
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Tuesday, March 25, 2008 3:15 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Microsoft Blogs: Domain Controller roles?
The O'Reilly and Addison Wesley AD books would be worth picking up for
this stuff I think. I don't kno what the timeline for the Addison-Wesley
title is as far as 2008 coverage, however I have heard from a good
source that the 4th edition of the O'Reilly book is probably Q4 of this
year or very early in Q1 2009.
The TechTarget infrastructure master article is good for that role
alone.
--brian
On Tue, Mar 25, 2008 at 7:28 PM, Robert Singers
<robert.singers@dbh.govt.nz> wrote:
Well things like what the FSMO roles do. How to seize roles. How to
make schema changes. Why you do things from a practical sense.
All the gnarly stuff that gets discussed here.
Even tho' I've worked for a US Multinational IT company, helped design
it's AD implimentation, worked with Windows [server] since NT3.5, and
deployed thousands of PCs I sometimes feel a bit of a dunce reading
posts to this mailing list. My old brain needs a bit of a prompt
sometimes to dredge the relevant background info up, and reading the
marketure just puts me to sleep.
________________________________
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Wednesday, 26 March 2008 12:05 p.m.
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Microsoft Blogs: Domain Controller roles?
Perhaps if you elaborate on what you're looking for there might be some
suggestions.
--brian
On Tue, Mar 25, 2008 at 6:59 PM, Robert Singers
<robert.singers@dbh.govt.nz> wrote:
Thanks guys. Doesn't quite have the info I was looking for, but does
have lots of interesting stuff.
________________________________
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Almeida Pinto,
Jorge de
Sent: Wednesday, 26 March 2008 9:58 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Microsoft Blogs: Domain Controller roles?
I think the place for that would be: http://blogs.technet.com/askds/
(Ask the Directory Services Team
<https://nlowa.logica.com/askds/default.aspx> )
REMARK: E-mail address change: "@logicacmg.com <http://logicacmg.com/> "
is now "@logica.com <http://logica.com/> ".
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
Logica Nederland B.V. (BU ISA Eindhoven)
( Tel : +31-(0)40-29.57.777
( Mobile : +31-(0)6-26.26.62.80 <http://26.26.62.80/>
* E-mail : Jorge.de.Almeida.Pinto@logica.com
________________________________
From: ActiveDir-owner@mail.activedir.org on behalf of Robert Singers
Sent: Tue 2008-03-25 21:48
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Microsoft Blogs: Domain Controller roles?
I've really enjoyed "The Filing Cabinet" and "Windows Time Service"
(sick isn't it), and I'm wondering whether there is a Microsoft Blog
that talks about Domain Controllers, FSMO roles, and general Active
Directory design.
I'm finding the blogs a much better method of jogging my old brain, and
also of helping people with specific problems or tasks. They're much
better than wading through the marketure looking for the relevant entry.
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ
MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files
may be confidential and subject to privilege. Any opinions expressed in
this message are not necessarily those of the Department of Building and
Housing. All technical opinions are offered on a 'no-liability' basis.
This message and any files transmitted with it are confidential and
solely for the use of the intended recipient. If you are not the
intended recipient, you are notified that any use, disclosure or copying
of this email is unauthorised. If you have received this email in
error, please notify us immediately by reply email and delete the
original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files
may be confidential and subject to privilege. Any opinions expressed in
this message are not necessarily those of the Department of Building and
Housing. All technical opinions are offered on a 'no-liability' basis.
This message and any files transmitted with it are confidential and
solely for the use of the intended recipient. If you are not the
intended recipient, you are notified that any use, disclosure or copying
of this email is unauthorised. If you have received this email in
error, please notify us immediately by reply email and delete the
original and any attachment(s). Thank you.
________________________________
--
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
--
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
| | | |
|
|